'use strict';

module.exports = appInfo => {
  const config = exports = {};

  // use for cookie sign key, should change to your own and keep security
  config.keys = appInfo.name + '_1514970357375_2489';

  // add your config here
  config.middleware = ['errorHandler', 'graphql'];

  config.security = {
    domainWhiteList: ['http://127.0.0.1:8080'],
    csrf: {
      enable: false,
      ignoreJSON: true
    }
  };

  config.cors = {
    // allowMethods: 'GET,HEAD,PUT,POST',
    // credentials: true,
    exposeHeaders: 'authorization, authorization-exp',
    maxAge: 1728000
  };

  config.errorHandler = {
    match: ['/api', '/graphql']
  };

  config.graphql = {
    router: '/graphql',
    graphiql: true,
    onPreGraphQL (ctx) {
      // ctx.app.jwt()
    }
  };

  config.jwt = {
    secret: config.keys,
    exp: '2d',
    enable: true,
    match () {
      return false;
    }
  };

  config.mongoose = {
    url: 'mongodb://127.0.0.1/demo',
    options: {}
  };

  return config;
};
